From bd4e0fb5dbfe3f9c271d41da4cbec02b0eb05891 Mon Sep 17 00:00:00 2001 From: mmoussa_mapfreusa Date: Mon, 25 Jul 2022 13:13:42 -0400 Subject: [PATCH] Set LogoutRequestRepository on Saml2 LogoutSuccessHandler Closes gh-11363 --- .../configurers/saml2/Saml2LogoutConfigurer.java | 1 + .../saml2/Saml2LogoutConfigurerTests.java | 13 +++++++++++++ 2 files changed, 14 insertions(+) diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer.java index b3ed0475ee..0fbfff015e 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer.java @@ -272,6 +272,7 @@ public final class Saml2LogoutConfigurer> LogoutHandler[] logoutHandlers = this.logoutHandlers.toArray(new LogoutHandler[0]); Saml2RelyingPartyInitiatedLogoutSuccessHandler logoutRequestSuccessHandler = createSaml2LogoutRequestSuccessHandler( registrations); + logoutRequestSuccessHandler.setLogoutRequestRepository(this.logoutRequestConfigurer.logoutRequestRepository); LogoutFilter logoutFilter = new LogoutFilter(logoutRequestSuccessHandler, logoutHandlers); logoutFilter.setLogoutRequestMatcher(createLogoutMatcher()); return postProcess(logoutFilter); diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurerTests.java index 072df740b8..5517727336 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurerTests.java @@ -85,6 +85,7 @@ import org.springframework.web.util.UriUtils; import static org.assertj.core.api.Assertions.assertThat; import static org.hamcrest.Matchers.containsString; import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; import static org.mockito.BDDMockito.mock; import static org.mockito.BDDMockito.verify; @@ -407,6 +408,18 @@ public class Saml2LogoutConfigurerTests { verify(getBean(Saml2LogoutResponseValidator.class)).validate(any()); } + @Test + public void saml2LogoutWhenCustomLogoutRequestRepositoryThenUses() throws Exception { + this.spring.register(Saml2LogoutComponentsConfig.class).autowire(); + RelyingPartyRegistration registration = this.repository.findByRegistrationId("registration-id"); + Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration) + .samlRequest(this.rpLogoutRequest).id(this.rpLogoutRequestId).relayState(this.rpLogoutRequestRelayState) + .parameters((params) -> params.put("Signature", this.rpLogoutRequestSignature)).build(); + given(getBean(Saml2LogoutRequestResolver.class).resolve(any(), any())).willReturn(logoutRequest); + this.mvc.perform(post("/logout").with(authentication(this.user)).with(csrf())); + verify(getBean(Saml2LogoutRequestRepository.class)).saveLogoutRequest(eq(logoutRequest), any(), any()); + } + @Test public void saml2LogoutWhenLogoutGetThenLogsOutAndSendsLogoutRequest() throws Exception { this.spring.register(Saml2LogoutWithHttpGet.class).autowire();